SQL 2005 security

  • I have just installed SQL 2005 on windows 2000 server. The problem i am having is that there is a constant login attempt by "sa" from unkown IP address which is being denied. This is continuously filling my log file which is now more than 2000,000 failed attempts. The only way currently to stop that is to stop the SQL server

    Is there a way to prevent such attempts which I have no idea from where it is coming

  • Is this server on the Internet?

    K. Brian Kelley
    @kbriankelley

  • i think u have to change your port number of tcp/ip, from 1433 to other ,just change it and if the port number doesnt matches, the hacker cannot connect to your server,even your server is on internet.

  • I tried that and still get the same message

  • Yes the server is on the internet

  • Do you have a way of restricting what IPs can connect? Usually this is with a firewall or router? In other words, are legitimate connections coming from a known IP address? If so, block all others. If you don't have a firewall or router, you can use the operating system's IPSEC policy to restrict what IPs can connect to your SQL Server.

    Also, does it have to be exposed to the internet? Can you get to it by VPN or via a web interface instead?

    K. Brian Kelley
    @kbriankelley

Viewing 6 posts - 1 through 5 (of 5 total)

You must be logged in to reply to this topic. Login to reply